Hi, First, let me apologize for forgetting to attach the patch. It's attached to this mail. :) On Mon, Dec 15, 2008 at 2:41 AM, Cem Kayali <cemkayali%eticaret.com.tr@localhost> wrote: > Hi, > > > - Machine has already been up and I enabled veriexec by '/etc/rc.d/veriexec > start' just after inserting veriexec=yes into rc.conf > > - I edited veriexec sysctl parameters and they are as: > kern.veriexec.verbose = 1 > kern.veriexec.strict = 2 > kern.veriexec.algorithms = RMD160 SHA256 SHA384 SHA512 SHA1 MD5 > > - I did following operations: > localhost# cd /usr/pkg/bin > localhost# cp kasteroids kasteroids.org > localhost# rm -rf kasteroids > localhost# cp katomic kasteroids > > - I tried to run ./kasteroids and it launched (it actually started katomic!) > > - Signature file: > localhost# grep kasteroids /etc/signatures > /usr/pkg/bin/kasteroids SHA512 3ca3929b49cff9eafdb2d644.................. > > - Original checksum: > localhost# cksum -a sha512 /usr/pkg/bin/kasteroids > SHA512 (/usr/pkg/bin/kasteroids) = e2073b3f71885530cab84865f.............. > > - /var/log/messages does not contain any error message. > > > I really surprised nobody untill now has noticed the problem -if there is a > problem really. This is 4.99.7X amd64 machine. Maybe problem is within 64 > bit systems. My tests are done on amd64 as well, so that is not the issue. Perhaps your signatures file isn't loaded properly? can you try running veriexecctl query /usr/pkg/bin/kasteroids and show me the output? if it will indicate the fingerprint mismatches, and you are able to overwrite/delete/run it, then we have a problem! Thanks, -e.
Description: Binary data